f7d1506f4c8d9d611e7302e756201a51_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f7d1506f4c8d9d611e7302e756201a51_JaffaCakes118
Size

85KB
MD5

f7d1506f4c8d9d611e7302e756201a51
SHA1

126ea327a54857b338a1884329ecf88856a071bf
SHA256

9ff1061582f07c182bcfb01e1e80ed88acc38917f6ebea07a1fecd1f9df5b628
SHA512

c292e59e7ccae4312ce8e672a03c65358643f3f6623701343791645df73a74bd11c5ae91d33f6f7069a14fcb271bb998920552dbcf7b54e61c26c0cac5e68e39
SSDEEP

1536:DZv0v5EbtyTTTpto1V0gfhWX5Rvq9P2U+P3jB81K16E/+qkPAWyzBy7V0gfs:hbtt0QhWXfve+U+P2Wn60Qs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f7d1506f4c8d9d611e7302e756201a51_JaffaCakes118

Files

f7d1506f4c8d9d611e7302e756201a51_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
JumpHookOff
JumpHookOn

Sections

Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE